[Mimedefang] Need advise on how to proceed.
Martin Blapp
mb at imp.ch
Mon Jun 14 11:30:24 EDT 2004
Hi,
> Back in the day, you wouldn't return a 5xx code on invalid recipients
> since that would make it very easy for spammers to build a "good" and a
> "bad" email list. Thus making their operations much more efficient at the
> cost of bandwidth and CPU cycles on our mail server. Is this no longer a
> good thing to do?
Definitly not. If you like to have something smarter, use a graylist, which
means that mimedefang needs to respond the first time a mail arrives with
TMPFAIL and keeps the message-id in mind. If the mail arrives a second time,
mimedefang accepts it.
This keeps spam out of your mailserver sent from relays and open proxies
but is still problematic because an attack can make your server very busy.
Yesterday we had such an attack. 32000 connects from ~ 1000 hosts in the
net, sending each one mail with 32 recipient. Imagine what happens if you
accept all the mails and you send bounces ... Bye bye server ...
Martin
More information about the MIMEDefang
mailing list